Synopsis:          Important: samba4 security update
Advisory ID:       SLSA-2014:1009-1
Issue Date:        2014-08-05
CVE Numbers:       CVE-2014-3560
--

A heap-based buffer overflow flaw was found in Samba's NetBIOS message
block daemon (nmbd). An attacker on the local network could use this flaw
to send specially crafted packets that, when processed by nmbd, could
possibly lead to arbitrary code execution with root privileges.
(CVE-2014-3560)

After installing this update, the smb service will be restarted
automatically.
--

SL6
  x86_64
    samba4-4.0.0-63.el6_5.rc4.x86_64.rpm
    samba4-client-4.0.0-63.el6_5.rc4.x86_64.rpm
    samba4-common-4.0.0-63.el6_5.rc4.x86_64.rpm
    samba4-dc-4.0.0-63.el6_5.rc4.x86_64.rpm
    samba4-dc-libs-4.0.0-63.el6_5.rc4.x86_64.rpm
    samba4-debuginfo-4.0.0-63.el6_5.rc4.x86_64.rpm
    samba4-devel-4.0.0-63.el6_5.rc4.x86_64.rpm
    samba4-libs-4.0.0-63.el6_5.rc4.x86_64.rpm
    samba4-pidl-4.0.0-63.el6_5.rc4.x86_64.rpm
    samba4-python-4.0.0-63.el6_5.rc4.x86_64.rpm
    samba4-swat-4.0.0-63.el6_5.rc4.x86_64.rpm
    samba4-test-4.0.0-63.el6_5.rc4.x86_64.rpm
    samba4-winbind-4.0.0-63.el6_5.rc4.x86_64.rpm
    samba4-winbind-clients-4.0.0-63.el6_5.rc4.x86_64.rpm
    samba4-winbind-krb5-locator-4.0.0-63.el6_5.rc4.x86_64.rpm
  i386
    samba4-4.0.0-63.el6_5.rc4.i686.rpm
    samba4-client-4.0.0-63.el6_5.rc4.i686.rpm
    samba4-common-4.0.0-63.el6_5.rc4.i686.rpm
    samba4-dc-4.0.0-63.el6_5.rc4.i686.rpm
    samba4-dc-libs-4.0.0-63.el6_5.rc4.i686.rpm
    samba4-debuginfo-4.0.0-63.el6_5.rc4.i686.rpm
    samba4-devel-4.0.0-63.el6_5.rc4.i686.rpm
    samba4-libs-4.0.0-63.el6_5.rc4.i686.rpm
    samba4-pidl-4.0.0-63.el6_5.rc4.i686.rpm
    samba4-python-4.0.0-63.el6_5.rc4.i686.rpm
    samba4-swat-4.0.0-63.el6_5.rc4.i686.rpm
    samba4-test-4.0.0-63.el6_5.rc4.i686.rpm
    samba4-winbind-4.0.0-63.el6_5.rc4.i686.rpm
    samba4-winbind-clients-4.0.0-63.el6_5.rc4.i686.rpm
    samba4-winbind-krb5-locator-4.0.0-63.el6_5.rc4.i686.rpm

- Scientific Linux Development Team